A recent ransomware attack, known as WannaCry, has affected a large number of businesses and organisations worldwide. Targeting unpatched Microsoft Windows operating systems.

The malware exploits a flaw in Remote Desktop Protocol (RDP) or Windows Server Message Block (SMB) Protocol to lock users out of their systems until ransoms are paid.

An immediate action recommended is to apply the Microsoft MS17-010 patchon the unpatched Microsoft systems to close off the vulnerability.

Use Anti-Virus to detect and block the malware:

Gateway Anti-Virus catches malware at its first point of entry, preventing it from spreading across the internal network. Make sure your Anti-Virus signature is running on version 2.0.1.632 or above, and install the daily signature updates to protect yourselves from any of its variants.

Turn on your IDP service to prevent abnormal behaviours:

When someone attempts to use Microsoft MS17-010 exploit to start the attack, the IDP service is in place to prevent it from happening.

If your USG/ZyWALL device is running on firmware version ZLD 4.25, make sure your IDP signature is updated to version 3.2.4.051 or above.

For those with USG/ZyWALL firmware ZLD 4.20 or earlier, please update to IDP signature version 3.1.4.255 for the most up-to-date protection.

Fighting malware is a never-ending battle. Find out more tips here to defend your data from ransomware attacks.